ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 hello again all, I am in the need for a text input field that displays an unchangeable value.. that will post.. Basically I'm using it to delete entries from a database.. You first submit an entry then upon refreshing you see the entry listed below .. I want to be able to submit this entry again to delete it. But I don't want the user to be able to change the text inputs value. other wise it won't work. any ideas on that?? I'll show some code i'm using so you can better understand. Edit.php: <table> <tr> <td colspan='2'><h1>Client Types</h1></td> </tr> <tr> <td colspan='2'> <fieldset><legend>Client Types</legend> <form action='../Ca_info/Cct_info.php' method='post'> <table> <tr> <td style='text-align:right;'><label>Type: </label></td> <td style='text-align:left;'><input type='text' value='' name='Ctype' /></td> </tr> <tr> <td> </td> </tr> <tr> <td style='text-align:right;'><input type='reset' value='Reset' /></td> <td style='text-align:left;'><input type='submit' value='Submit' /></td> </tr> </table> </form> </fieldset> </td> </tr> <tr> <td colspan='2'><h2>Available Types</h2></td> </tr> "); //////////////////////// //* SNATCH AVAILABLE *// //////////////////////// //* STOP THE BITCHING *// $Z=array('','','','',''); $database=$tblpre."ClientType"; $AvailableSQL="SELECT Type FROM [".$database."]"; $result=mssql_query($AvailableSQL)or die(mssql_error()); $count=mssql_num_rows(mssql_query($AvailableSQL)); $y=0; while($row=mssql_fetch_row($result)) { $Z=$row[0]; $y++; echo(" <tr> <td width='50%' style='text-align:right;'> <form action='../Ca_info/Cct_info.php' method='post'> <input type='text' value='".$Z."' name='Type".$y."' /> </td> <td width='50%' style='text-align:left;'> <input type='submit' value='Delete' /> </form> </td> </tr> <tr> <td colspan='2'> </td> </tr> "); } //* IF NONE ARE AVAILABLE *// if($count<=0) { echo("<tr>".PHP_EOL."<td>No Currently Available Types</td>".PHP_EOL."</tr>".PHP_EOL); } else { echo(""); } echo("</table>".PHP_EOL."</body>".PHP_EOL."</html>"); ?> process.php: //////////////////////////////// //****************************// //* Harvest Form Information *// //****************************// //////////////////////////////// //ADD if(!(isset($_POST['Ctype']))){$Ctype='None';}else{$Ctype=$_POST['Ctype'];} //DELETE //* STOP THE BITCHING *// $Type= array('','','','',''); $Z=array('','','','',''); //* CHECK HOW MANY *// $database=$tblpre."ClientType"; $AvailableSQL="SELECT * FROM [".$database."]"; $result=mssql_query($AvailableSQL)or die(mssql_error()); $y=0; $count=mssql_num_rows(mssql_query($AvailableSQL)); while($row=mssql_fetch_row($result)) { $Z[$y]=$row[0]; $y++; } //////////////////////////// //************************// //* Setup SQL Variables *// //************************// //////////////////////////// //The Table+Prefix $datatable=$tblpre."ClientType"; //COLLECT DELETE INPUT for($x=0;$x<=$count;$x++) { if(!(isset($_POST['Type'.$x]))){$Delete='No';$Type[$x]='';}else{$Delete='Yes';$Type[$x]=$_POST['Type'.$x];} //SQL VARIABLE MUST BE SET HERE FOR X TO BE CORRECT $TypeDelete="DELETE FROM [".$datatable."] WHERE Type='".$Type[$x]."'"; } $TypeInsert="INSERT INTO [".$datatable."] VALUES ('".$Ctype."');"; //////////////////////////// //************************// //* Start SQL Injections *// //************************// //////////////////////////// $Success=0; $Fail=0; // IF ADDING if($Delete=='No') { if(mssql_query($TypeInsert)) { echo("<font color='green'>".$Ctype."Type Added Successfully!</font><br />"); $Success++; } else { echo("<font color='red'>".$Ctype."FAILED</font>".mssql_error()); $Fail++; } } //IF DELETING elseif($Delete=='Yes') { if(mssql_query($TypeDelete)) { echo("<font color='green'>Type Deleted Successfully!</font><br />"); $Success++; } else { echo("<font color='red'>FAILED</font>".mssql_error()); $Fail++; } } Quote Link to comment Share on other sites More sharing options...
LooieENG Posted July 1, 2008 Share Posted July 1, 2008 You could store it in a session, but display it anyway. Then, even if they change it, it will still use the value of $_SESSION['whatever'] instead of $_POST['whatever'] Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 thats not a bad idea Quote Link to comment Share on other sites More sharing options...
DarkWater Posted July 1, 2008 Share Posted July 1, 2008 I'd use Looie's idea because they can change the POST value even if you don't want them to. Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 good call thankx guys.. solved! Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 ok not solved.. sry... thought that was going to work but It screws up my logic because now the variable is ALWAYS set.. so since it is set it always deletes. Even when submitting p.s. I wana know who's bright idea it was to make READONLY inputs not post..(dumbarse)... isn't that what "disabled" should take care of Quote Link to comment Share on other sites More sharing options...
Jabop Posted July 1, 2008 Share Posted July 1, 2008 Umm, echo the get or post variables or whatever they are... hell just use request, but just echo them as text. If they feel like editing, send them back to the form. Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 well the forms are all on the same page.. but I just don't want them to be able to edit the field input.. If I make them anything other then a submitable value.. then they are constantly set which makes it impossible for me to reference what they are doing. If the variable is always set then how do i say they are deleting rather then submitting? on the other hand I spose i could just make an invisible input and echo out as text as you said.. that way I have both. and its not always set... That just may work Quote Link to comment Share on other sites More sharing options...
.josh Posted July 1, 2008 Share Posted July 1, 2008 maybe I'm not understanding right, but how about instead of making a disabled field, you just echo out the value and make a hidden field? Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 well the forms are all on the same page.. but I just don't want them to be able to edit the field input.. If I make them anything other then a submitable value.. then they are constantly set which makes it impossible for me to reference what they are doing. If the variable is always set then how do i say they are deleting rather then submitting? on the other hand I spose i could just make an invisible input and echo out as text as you said.. that way I have both. and its not always set... That just may work maybe I'm not understanding right, but how about instead of making a disabled field, you just echo out the value and make a hidden field? thats wat i was thinking/\ thanks tho. That definatley did the trick Quote Link to comment Share on other sites More sharing options...
LooieENG Posted July 1, 2008 Share Posted July 1, 2008 But couldn't somebody still change it using Firebug if they really wanted? Quote Link to comment Share on other sites More sharing options...
.josh Posted July 1, 2008 Share Posted July 1, 2008 okay well then why not go back to the session var idea, except after submission and deletion, you unset the session var? Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Author Share Posted July 1, 2008 thats ok its not that important .. were talking about people who can barely use the computer here.. they won't be trying to hack this thing. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.